[all-commits] [llvm/llvm-project] b47e23: [alpha.webkit.UncountedLocalVarsChecker] Warn the ...
Ryosuke Niwa via All-commits
all-commits at lists.llvm.org
Tue Oct 29 23:13:44 PDT 2024
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: b47e2316bf083cd2e0e5ac2ef1e9c913f839a51b
https://github.com/llvm/llvm-project/commit/b47e2316bf083cd2e0e5ac2ef1e9c913f839a51b
Author: Ryosuke Niwa <rniwa at webkit.org>
Date: 2024-10-29 (Tue, 29 Oct 2024)
Changed paths:
M clang/lib/StaticAnalyzer/Checkers/WebKit/UncountedLocalVarsChecker.cpp
M clang/test/Analysis/Checkers/WebKit/mock-types.h
M clang/test/Analysis/Checkers/WebKit/uncounted-local-vars.cpp
Log Message:
-----------
[alpha.webkit.UncountedLocalVarsChecker] Warn the use of a raw pointer/reference when the guardian variable gets mutated. (#113859)
This checker has a notion of a guardian variable which is a variable and
keeps the object pointed to by a raw pointer / reference in an inner
scope alive long enough to "guard" it from use-after-free. But such a
guardian variable fails to flawed to keep the object alive if it ever
gets mutated within the scope of a raw pointer / reference.
This PR fixes this bug by introducing a new AST visitor class,
GuardianVisitor, which traverses the compound statements of a guarded
variable (raw pointer / reference) and looks for any operator=, move
constructor, or calls to "swap", "leakRef", or "releaseNonNull"
functions.
To unsubscribe from these emails, change your notification settings at https://github.com/llvm/llvm-project/settings/notifications
More information about the All-commits
mailing list